Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News GitLab 8.9 Adds File Locking, Hardware U2F Support

GitLab 8.9 Adds File Locking, Hardware U2F Support

This item in japanese

Lire ce contenu en français

GitLab version 8.9 has been released, bringing a refreshed UI and a partnership to provide hardware-based two-factor authentication.

In this latest version, developers got the ability to lock a binary file, keeping anyone but the locker from changing a specific file or directory. This is useful for game or graphic assets in which conflicts are not easily resolved. Those on the Enterprise Edition can pay for this extra option which Hacker News user sdesol says is a boon for those that need it:

Enterprise is all about reducing risk and that's because a screw up can bring down an entire company. So if you are a domain expert and if there is a trivial way to ensure people don't ruin your day, you'll use it. Mistakes happen and in the open source world, it's a shrug off the shoulder, in enterprise, it translates into loss money.

Visually, the UI has changed, moving a project's navigation to the top of the screen from its original position on the left. System-wide navigation is still on the left, but with an option to automatically hide it when not in use.

GitLab now supports FIDO Universal 2nd Factor (U2F) authentication, teaming up with Yubico to work with YubiKey devices. While two-factor authentication was available with the use of a mobile phone and a TOTP code, the use of a hardware YubiKey and the Chrome browser can speed up the process. Instead of having to type in a 6-digit code, a developer can plug in the USB key and have their session automatically authenticated. Firefox support is only available behind a flag in the nightly version.

GitHub also supports U2F and YubiKey hardware devices.

Developers can add U2F support to their own applications using Yubico's developer resources. YubiKeys are used in some large companies such as Google, Facebook, and Salesforce for securing employee access to resources.

Rate this Article